VYPR

Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings

by WordPress

CVEs (5)

  • CVE-2025-1570HigFeb 28, 2025
    risk 0.46cvss 8.1epss 0.00

    The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. This is due to the directorist_generate_password_reset_pin_code() and…

  • CVE-2025-12174MedNov 19, 2025
    risk 0.35cvss 6.5epss 0.00

    The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'directorist_prepare_listings_export_file' and 'directorist_type_slug_change' AJAX actions in all…

  • CVE-2025-2224MedMar 25, 2025
    risk 0.27cvss 5.3epss 0.00

    The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'parse_query' function in all versions up to, and including, 8.2. This…

  • CVE-2024-12041MedFeb 1, 2025
    risk 0.27cvss 5.3epss 0.00

    The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.0.12 via the /wp-json/directorist/v1/users/ endpoint. This makes it possible for…

  • CVE-2025-12953MedNov 11, 2025
    risk 0.21cvss 4.3epss 0.00

    The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the "rtcl_ajax_add_listing_type", "rtcl_ajax_update_listing_type", and…